Create WebgoatContext in HammerHead, rather than WebSession

Now webgoatContext should effectively be a singleton, shared across
all WebSession instances. WebSession now initialises from WebgoatContext.

WebSession methods that refer to static "site wide" properties are deeted
and references to them updated to point to WebgoatContext


git-svn-id: http://webgoat.googlecode.com/svn/trunk@141 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes
2007-07-10 11:51:26 +00:00
parent 53487970f6
commit eaf12c706c
7 changed files with 108 additions and 97 deletions

View File

@ -24,6 +24,7 @@ import org.owasp.webgoat.session.ErrorScreen;
import org.owasp.webgoat.session.Screen;
import org.owasp.webgoat.session.UserTracker;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.session.WebgoatContext;
/*******************************************************************************
*
@ -79,6 +80,12 @@ public class HammerHead extends HttpServlet
*/
public static String propertiesPath = null;
/**
* provides convenience methods for getting setup information
* from the ServletContext
*/
private WebgoatContext webgoatContext = null;
/**
* Description of the Method
@ -289,6 +296,7 @@ public class HammerHead extends HttpServlet
httpDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
propertiesPath = getServletContext().getRealPath(
"./WEB-INF/webgoat.properties");
webgoatContext = new WebgoatContext(this);
}
@ -481,7 +489,7 @@ public class HammerHead extends HttpServlet
{
// Create new custom session and save it in the HTTP session
// System.out.println( "HH Creating new WebSession: " );
session = new WebSession(this, context);
session = new WebSession(webgoatContext, context);
hs.setAttribute(WebSession.SESSION, session);
// reset timeout
hs.setMaxInactiveInterval(sessionTimeoutSeconds);